<?php

/**
 * Shipping information page
 *
 * Shopalong, the open source shopping system
 * http://shopalong.blogspot.com/
 *
 * @author Stuart Metcalfe <shoopdev@gmail.com>
 * @copyright Copyright &copy; 2003 osCommerce
 * @copyright Portions Copyright &copy; 2006 Shopalong
 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
 */

require('includes/application_top.php');

if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'process'))
{
	$email_address = tep_db_prepare_input($HTTP_POST_VARS['email_address']);
	$check_customer_query = tep_db_query('select customers_firstname, customers_lastname, customers_password, customers_id from '.TABLE_CUSTOMERS.' where customers_email_address = "'.tep_db_input($email_address).'"');
	
	if (tep_db_num_rows($check_customer_query))
	{
		$check_customer = tep_db_fetch_array($check_customer_query);
		$new_password = tep_create_random_value(ENTRY_PASSWORD_MIN_LENGTH);
		$crypted_password = tep_encrypt_password($new_password);
		tep_db_query('update '.TABLE_CUSTOMERS.' set customers_password = "'.tep_db_input($crypted_password).'" where customers_id = "'.(int)$check_customer['customers_id'].'"');
		
		/**
		 * @todo Make the email message a smarty template
		 */
		
		$subject = sprintf($theme->get_config_vars('EMAIL_PASSWORD_REMINDER_SUBJECT'), STORE_NAME);
		$message = sprintf($theme->get_config_vars('EMAIL_PASSWORD_REMINDER_BODY'), $REMOTE_ADDR, STORE_NAME, $new_password);
		
		tep_mail($check_customer['customers_firstname'] . ' ' . $check_customer['customers_lastname'], $email_address, $subject, $message, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
		$messageStack->addSession('login', 'SUCCESS_PASSWORD_SENT', 'success');
		tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
	}
	
	else
	{
		$messageStack->add('password_forgotten', 'TEXT_NO_EMAIL_ADDRESS_FOUND');
	}
}

$theme->display('password_forgotten.tpl');
require(DIR_WS_INCLUDES.'application_bottom.php'); 

?>
